You mean try and find if a company has a bug bounty program they run independently or internally you can submit something to?
“Company name” +”bounty”
“Company Name” +”NOC” (or +”SOC”)
“Company Name” +”Submit Bug”
Best bet is to just look up on LinkedIn and find company employees who are listed as CTO, sysadmin, any IT department and report the bug to them directly. You most likely aint gunna get paid but at least you can report it.